Literary Review










Cyber Warfare: Literature/Research Review
Gregorio Simmons
University of Texas at El Paso










Abstract
Cyber Warfare is an effective means of crippling infrastructure; from whole nations all the way down to Citywide Power Sources. The faster technology is created to shorten the time it takes information to go from one location to the next, Cyber Warfare is essentially being upgraded by allowing Cyber Terrorist  the means to use the same technology to steal, gain control, and impersonate actions of unwary users of today’s technology. Because anyone is vulnerable to attacks it is important that the definition of Cyber Warfare is known and understood. Individuals at risk from these attacks include Government Assets, small companies, and the everyday person that uses the internet.   Some of the public may be unaware of the severity of these attacks. For example a 19 year old living in the Netherlands was able to gain control of computer systems around the world to simply increase his own personal revenue. The Government is taking steps to prevent Cyber Warfare, however because of the severity of this threat the government has to ensure it own survivability before it can extend its resources to the general public. Because the public is unable to create a cyber defense system like the U.S. Government, members of this growing online community needs to take precautions and be aware of the threats, risks, and hazards of every day internet use.






With new technology comes greater responsibility.  Technology has expanded so much in recent years that it is almost impossible to keep up with.  While new technology is created every day to make lives easier, someone somewhere is using technology to harm others through means of Cyber Warfare.  One threat could be an e-mail that is designed to report back user names and passwords to the creator so that an individual can access bank accounts to fraudulently steal an identity for personal use.  Another potential hazard may be a virus that is unknowingly downloaded to bring down the entire networking infrastructure of Washington D.C. allowing terrorist to steal files on military strategic operations.  The research will go into depth on Cyber Warfare by answering the following questions:
1.      What is Cyber Warfare?
2.      Who is really at risk from these types of attacks?
3.      Is the general public aware of the severity of these attacks?
4.      What has the U.S. Government done to protect the United States and its people from Cyber Warfare?
Answering these questions will allow the audience to learn more about a topic that is not widely discussed or known.  Defining Cyber Warfare is a challenge; as time progresses outside influences and different parties from all across the world add to the definition.  Cyber Warfare has many complexities and as the world becomes more familiar with Cyber Warfare, the definition will fine tune itself. Bringing to light the discourse communities that are at risk to the attacks of Cyber Warfare are vital to protecting those discourse communities.  Determining whether or not the public is fully aware of the concept of Cyber Warfare is the first step to preventing initial attacks.  Through awareness and advocacy, future Cyber Attacks and Cyber Warfare may be prevented. Understanding where the U.S. Government is at in protecting its people from Cyber Warfare helps citizens better protect themselves.  The U.S. Government is building capabilities able to deter Cyber Warfare through technological advances using a vast knowledge base of what Cyber Warfare actually entails.
What is Cyber Warfare? To answer this question, someone might simply assume the term “Cyber” comes from the word Cyberspace, and relate the term “Warfare” to an armed conflict. Perceptions on this simple definition can vary widely depending on who is defining the two terms.  Possible variables may include how much an individual deals with cyber warfare attacks, cyber crimes, and cyber terrorism.  Software Engineers may work closer with these forms of attacks and use a more technical language as compared to a politician who may view cyber warfare as a state wide concern looking for ways to maintain an upper hand as far as War and conflicts are concerned.  Albert Gonzalez is a Network Engineer currently employed by the European Aeronautic Defense and Space Company; he works as an instructor to train the United States Air Force (USAF) Cyberspace Operations Officers.  According to Gonzalez, Cyber Warfare can be defined “as the strategies to attack, deny, and defeat our capability to operate in Cyberspace” (Gonzalez, 2011).  Gonzalez later cited the USAF in defining Cyberspace “as a global domain within the information environment consisting of the interdependent network of information technology infrastructures that includes everything from computer systems to telecommunication networks the Internet.  The Cyberspace domain ranges from ensuring radar or satellite capabilities are operational to programming software to provide leadership with a real-time picture of the mission more effectively” (Gonzalez, 2011).  Because Gonzalez works with the USAF in combating the threat of Cyber Warfare, his definition of Cyber Warfare therefore reflects his views on the definition.
Some authors who are knowledgeable on the subject who previously wrote to advocate on the matter were not so technical in their definitions of the term.  Ophardt (2010) defined Cyber warfare as a “subset of a larger field known as information operations, until recently appeared to belong to the realm of science fiction.  Cyber attacks have occurred throughout most of the Internet’s history; States have just recently begun to include them in their doctrine”. States as mentioned by Ophardt does not refer to Texas or Ohio, but rather the entire governing body of a Nation.
Another subject matter on Cyber Warfare, Carr, documented that “Cyber Warfare has been around for about a decade and still there is not a concrete definition for it” (2009).  One observation to be pointed out is that the older a definition is, the broader it gets.  Government influence and other outside awareness groups may have provided more insight and may have played a small role in defining the unknown threat as it becomes more apparent whether or not Cyber Warfare is or is not an actual threat.
Cyber Warfare unfortunately hasn’t always been a term known by everyone, as previously mentioned.  This raises an important question; if in fact the Government is facing threats in which it needed funding, which started as recently as the Obama Administration, who is really at risk from these types of attacks?  The answer is everyone.  Threats of Cyber attacks to industrial infrastructures are rising, as the attackers plan and seek new strategies to increase their own wealth.  “The CIA confirmed a cyber attack caused power outages in multiple cities including New Orleans in 2008, and has provided information on invasions into utilities that were followed by extortion demands” (Piggin, 2010).  This is only one form of Cyber Attacks that has been used against the United States.
The year was 2008; a Dutchman residing in the town of Sneek, which is located in the Netherlands, creates a virus that spreads by sending itself through Microsoft’s Windows Live Messenger.  Using the contact of an infected computer system it would send itself to everyone on that individuals contact list, creating a link that when clicked on by an unsuspecting victim, would open a message that also downloads the virus. In the end, the Dutchman “assumed illicit control of as many as 150,000 computers around the world” (Talbot 2010).  The criminal was only 19 years of age.  Each computer that was controlled by this young perpetrator was turned into a “bot”.  This means each computer was capable of some of the worst threats on the internet to include; “spam, fraud and identity theft” (2010).  The graph below shows how increases in cyber attacks over time have increased as well as the number of foreign countries that are participating in Cyber Warfare.


 
To answer the question of who is at risk more specifically, Gonzalez stated that it is “any system that is part of the Cyber Domain” (2011).  Any system includes and is not limited to a USB or thumb drive that is plugged into a computer that is in a connected network.  Satellites in space are connected to networks, which in turn are connected to the Cyber Domain.  Essentially any type of new or old technology that gets used today to transfer information and make lives easier, to include Smartphone’s, is potentially at risk.  These devices, computer systems, and networks do not need to have any affiliation with the U.S. Government to be targeted by these outside threats.  It is just unfortunate that some of the mass transit systems in larger cities, the Water Distribution Systems, and the U.S. Power Infrastructure are connected and are at risk.  In essence citizens of the U.S. may be affected directly if they are users of information technologies; even the citizens who unknowingly or indirectly use information technologies are at risk of these attacks.
Everyone is in one way or another at risk from Cyber Warfare attacks.  That doesn’t mean that everyone knows just how serious these attacks are.  Is the general public aware of the severity of these attacks?  According to some specialist in this career field, the answer is “no”. Gonzalez mentions that the USAF is doing their part to spread awareness within.  “There is an effort to bring this to the forefront because social engineering is prevalent in gaining access to our cyber assets”.  The USAF has ensured this by mandating anyone who works with the USAF, including Airmen and Civilian Contractors who uses a cyberspace ability, “has to read the ‘10 Things Every Airman Must Know’” in a document which happens to be the doctrine reading for anyone associated in the cyber space career field (Gonzalez, 2011).
Some authors and advocates believe the best way to create awareness of how severe these attacks are is to show the general public how the cyber attacks are affecting the U.S. Government economically.  This would be done by showing how costly Cyber Attacks can be when compared to other terrorist attacks that have affected the U.S.  (Cashell et al. 2004, as cited by Owens, 2008).  Owens, citing Hutchings, explained “that the total cost of financial loss due to malicious software was around $13 billion in 2003.  Although the collective $13 billion/year cost of malicious software might seem small in contrast to the estimated $50 billion cost of the 9/11 terrorist attack” (2004).  The attack that took place on September 11, 2001 will more than likely take a lifetime to cause that much damage financially in a single terrorist act.  However the financial loss that was reported in 2003, when Cyber Warfare was almost unknown to the public eye, still ended up causing that much damage.  Imagine how much that number of $13 billion has increased due to the increase of attacks.  That number generates more financial loss and only increases with every passing year.
Although the financial losses caused by Cyber Attacks are considerably small when compared to the horrific event of September 11, Admiral McConnell predicted that the United States will suffer an "electronic Pearl Harbor" (2010 as cited by Jensen, E., 2010).  McConnell later stated that at some point in time in the near future the Government may have to “reinvent” itself to be able to protect its citizens and actually be held accountable for making future advances in cyber technology.  Lastly he stated that the internet may have to change from the usual “dot com" to "dot secure”.  The statements made by McConnell were made at the 2010 Texas Law Review Symposium (2010).  The general public may or may not be aware of the severity of these attacks but at least there are groups and individuals promoting awareness through public appearances and speeches.
While the U.S. Federal Government may be the primary target for Cyber Warfare, Cyber Terrorists may look towards other vulnerable entities.  The State, City, and Corporate facilities are other examples presented as easy targets for revenue.  This can essentially culminate in many different possible attacks and threats that are virtually daily occurrences.  Due to the prevalence of Cyber Warfare attacks, it needs to be asked, what has the U.S. Government done to protect its people from Cyber Warfare?
As it turns out, the battle of Cyber Terrorism and the prevention of Cyber Warfare is now a very highly regarded politicized issue.  This also turns out to be an economically benefitting issue as well.  Since the attacks of September 11, 2001 an entire industry emerged to take on the challenges and hazards of cyber terrorism.  Groups which are now noticed as think tanks have been able to collaborate and create detailed development plans.  Within the private industry companies are able to hire security consultants and software designers to deploy their own security measures.  “The F.B.I. hired more than 1,000 ‘cyber investigators” and shortly “following the attacks on September 11, 2001 the U.S. Government requested $4.5 billion for infrastructure security” (Weimann, 2008).  Fulghum expands on this statement by explaining that
“Cyber operations and electronic warfare are two of the three areas that can expect to survive in the next decades’ environment of shrinking defense budgets” (2011).  Fulghum later stated that the third area that will survive would be the investments that will have to be made to create technologies necessary to locate targets “for those computer, network, and electronic attacks”. The U.S. Government is making vast efforts in relation to other areas of the defense budget, knowing how serious the threat of Cyber Warfare is.
The private sector, like the Government, is making progress in the business aspect by defending themselves from Cyber Attacks.  However, even though “the Government is locking down the infrastructure” (Gonzalez, 2011) all aspects of the “public infrastructure need the same protection systems” (2011), not just the government.  Unfortunately there are “no laws to make it mandatory” (2011).  There is a "Cyber War documentary that addresses the who's going to step up and protect the public when terrorists bring down the power grid, the unfortunate answer is nobody” (2011).  Unless the government can withstand these cyber attacks, potentially the U.S. Government could fall apart.  Until the U.S. is able to defend itself from cyber attacks they are currently unable to protect the general public.
Cyber Warfare is very much prevalent in our society today. Information Technologies come with great risks, whether these risks are being on the verge of an all out cyber war with one or more nations or the elusive cyber terrorists that target companies and smaller infrastructures for their own personal gain.  The United States Government is taking the precautionary steps to prevent Cyber Warfare and spreading awareness while at the same time defending itself from Cyber Attacks.  As technology continues with its advancements, the need for cyber defense systems will also advance.  Already these attacks have the ability to infiltrate personal lives and affect anyone across the planet in the blink of an eye.  Virtually everyone is risking the chance of being a victim.  As for now it is up to all of the members of this discourse community to be self aware of the threats that are here and now.  The key to success is the ability to communicate swiftly and safely and keeping a defensive mentality as the threats and everyday risks are out there.






References
A. M. Gonzales (personal communication, March 23, 2011)
Carr, J. (2009). Inside Cyber Warfare. Sebastopol, Calif.: O'Reilly Media, Inc.
Fulghum, D. A. (2011). Non-Kinetic Combat. Aviation Week & Space Technology, 173(4), 160.   Retrieved: March 17, 2011 from EBSCOhost.
Jensen, E. (2010). Cyber Warfare and Precautions Against the Effects of Attacks. Texas Law          Review, 88(7), 1533-1569. Retrieved: March 16, 2011 from EBSCOhost.
Ophardt, J. A. (2010). Cyber Warfare and The Crime of Aggression: The Need for Individual        Accountability on Tomorrow’s Battlefield. Duke Law & Technology Review, (3), 1-27.            Retrieved: March 18, 2011 from EBSCOhost.
Owen, R. S. (2008). Infrastructures of Cyber Warfare. In L. J. Janczewski & A. M. Colarik           (Eds.) Cyber Warfare and Cyber Terrorism, (pp. 35-41) Hershey, PA: Information          Science Reference Retrieved: March 24, 2011, from Gale Virtual Reference Library via          Gale: http://0-  go.galegroup.com.lib.utep.edu/ps/start.do?p=GVRL&u=txshracd2603
Piggin, R. (2010). The reality of cyber terrorism. Engineering & Technology (17509637), 5(17),    36-38. Retrieved: March 20, 2011, doi:10.1049/et.2010.1721
Talbot, D. (2010). Moore's Outlaws. Technology Review, 113(4), 36-43. Retrieved: March 21,      2011,             EBSCOhost.
Talbot, D. (2010). The Rise in Global Cyber Threats. Graph. Technology Review, 113(4), 43.         Retrieved:March 21, 2011, EBSCOhost.
Weimann, G. (2008). Cyber Terrorism: Are We Barking At the Wrong Tree?. Harvard Asia           Pacific Review, 9(2), 41-46. Retrieved: March 21, 2011, from EBSCOhost.